From nobody Sat Apr 19 23:51:50 2025 X-Original-To: freebsd-net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Zg7hV52Wzz5tfZt for ; Sat, 19 Apr 2025 23:51:54 +0000 (UTC) (envelope-from paige@paige.bio) Received: from outbound.qs.icloud.com (p-east3-cluster2-host5-snip4-10.eps.apple.com [57.103.87.181]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Zg7hT6d8Wz3ZPq for ; Sat, 19 Apr 2025 23:51:53 +0000 (UTC) (envelope-from paige@paige.bio) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=paige.bio header.s=sig1 header.b=TU5R1ynw; dmarc=pass (policy=reject) header.from=paige.bio; spf=pass (mx1.freebsd.org: domain of paige@paige.bio designates 57.103.87.181 as permitted sender) smtp.mailfrom=paige@paige.bio DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paige.bio; s=sig1; bh=2TF+yutIYSdVXuhwQOX0KsIvJ3eH94dJt/5IDRoR/28=; h=To:From:Subject:Date:Message-id:Content-Type:MIME-Version:x-icloud-hme; b=TU5R1ynwaaBl/l1lF0ode1ETrHE2cLQbatpebh8N9X4JxL9a+PmuPeaAUSyPBWzOZ Cce1CyyiSVZi3jmEeEJbS+c66XmlUiCQw7A9ubmbTIvw04chb08WzKdRauijdCdkZY c8xBI2Knjrx9sz+Jep0wJ9i2eRooeEBVQD2BerDDusdzwBu4Hiur0KXO9lt95cA7aH 3bl0WXeHHrl7ofvAL/IcvRNQYj9oIUDRY1sXnHkxV75Lm7/WKyhv79yCkXSPDYQ+Hl C7iBWPHED51hiLbVLOmxiomDd9MPEmK68DRQZVhbpezfQxtANgIhwuaJTyTEo8CU+v A+xIbGyezk2GA== Received: from outbound.qs.icloud.com (localhost [127.0.0.1]) by outbound.qs.icloud.com (Postfix) with ESMTPS id 7350018035B7 for ; Sat, 19 Apr 2025 23:51:52 +0000 (UTC) Received: from p00-mailws2-5f5cb8d549-spcdf (qs-asmtpout-k8s.p00.prod.me.com [10.112.113.19]) by outbound.qs.icloud.com (Postfix) with ESMTPSA id 1945B18022D5 for ; Sat, 19 Apr 2025 23:51:50 +0000 (UTC) To: freebsd-net@freebsd.org From: Paige Thompson Subject: Re: FIBs with IPv6 Date: Sat, 19 Apr 2025 23:51:50 +0000 (UTC) X-Client-IP: 76.147.176.23 X-Mailer: iCloud MailClientcurrent MailServer2502B13.7c5914c7dad3 Message-id: Content-Type: multipart/alternative; boundary=Apple-Webmail-42--d5dbd588-9dbb-4437-8f97-903d1784436e List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 In-Reply-To: <83cc7ce5-70b6-4578-8e1a-f5ee04f2c7b9@me.com> References: <83cc7ce5-70b6-4578-8e1a-f5ee04f2c7b9@me.com> X-Spamd-Result: default: False [-2.37 / 15.00]; RBL_SENDERSCORE_REPUT_9(-1.00)[57.103.87.181:from]; NEURAL_HAM_LONG(-0.98)[-0.978]; NEURAL_SPAM_MEDIUM(0.85)[0.850]; DMARC_POLICY_ALLOW(-0.50)[paige.bio,reject]; NEURAL_HAM_SHORT(-0.24)[-0.241]; R_SPF_ALLOW(-0.20)[+ip4:57.103.64.0/18:c]; R_DKIM_ALLOW(-0.20)[paige.bio:s=sig1]; MIME_GOOD(-0.10)[multipart/alternative,text/plain,multipart/related]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:714, ipnet:57.103.0.0/16, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:~]; ARC_NA(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MLMMJ_DEST(0.00)[freebsd-net@freebsd.org]; RCVD_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-net@freebsd.org]; DKIM_TRACE(0.00)[paige.bio:+] X-Rspamd-Queue-Id: 4Zg7hT6d8Wz3ZPq X-Spamd-Bar: -- --Apple-Webmail-42--d5dbd588-9dbb-4437-8f97-903d1784436e Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8; format=flowed I forgot to mention the post I was referring to on the forums: https://for= ums.freebsd.org/threads/fibs-with-ipv6.95984/ On Apr 19, 2025, at 7:36 PM,= Paige Thompson wrote: Hey yall, I came across a thread = today on the forum regarding an issue with trying to get IPv6 to work on s= omething like a epair interface, I'm having the same issue myself when one= end of the epair is assigned to a FIB that differs from the other. I repl= ied to this thread, but it's pending mod. In any case I glossed over the t= ests of this in /usr/src/tests/sys/netinet6/ndp.sh and proxy_ndp.sh but no= thing about them would lead me to believe that they're also testing with a= FIB, nothing in the man page would lead me to believe that FIBs have ever= been considered with regards to NDP either. IPv4 works fine, I can assign= a /31 to both ends of the epair with one interface using a different FIB = from the other and both are able to reach each other end to end, and also = looking at a packet dump seemed to confirm that with IPv4 ARP is working c= orrectly. I thought I was going crazy for a minute because I remember this= exact configuration (or something nearly identical at least) worked for m= e on OpenBSD. Linux is another story but as I recall if you don't factor i= n the problems that netfilter adds (like trying to use ct_zones as an afte= r thought for coalescing the identity of a VRF from fwmark) I recall this = at least worked as one would expect. I don't really see anything in the gi= t log about FIB for NDP, thing is I can probably create a static NDP entry= and make this work, will have to try later but I'm just wondering if mayb= e this just got overlooked. setfib would seem to be older than NDP but I d= on't know... looking at ndp.c I'm very unfamiliar with it but it does look= like it's querying routing tables at certain points. I'll try turning on = debugverbose later and see if anything comes up but I just wanted to menti= on this just in case this stands out to anybody. Thanks -Paige --Apple-Webmail-42--d5dbd588-9dbb-4437-8f97-903d1784436e Content-Type: multipart/related; type="text/html"; boundary=Apple-Webmail-86--d5dbd588-9dbb-4437-8f97-903d1784436e --Apple-Webmail-86--d5dbd588-9dbb-4437-8f97-903d1784436e Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8;
I forgot to mention the post I was referring to on the foru= ms:

https://forums.freebsd= .org/threads/fibs-with-ipv6.95984/

On Apr 19, 2025, at 7:36 PM, Paige Thompson <paige@paig= e.bio> wrote:


Hey= yall,

I came across a thread today on the f= orum =0Aregarding an issue with trying to get IPv6 to work on something li= ke a =0Aepair interface, I'm having the same issue myself when one end of = the =0Aepair is assigned to a FIB that differs from the other. I replied t= o =0Athis thread, but it's pending mod.

In a= ny case I glossed over =0Athe tests of this in /usr/src/tests/sys/netinet6= /ndp.sh and proxy_ndp.sh=0A but nothing about them would lead me to believ= e that they're also =0Atesting with a FIB, nothing in the man page would l= ead me to believe =0Athat FIBs have ever been considered with regards to N= DP either.

IPv4=0A works fine, I can assign = a /31 to both ends of the epair with one =0Ainterface using a different FI= B from the other and both are able to =0Areach each other end to end, and = also looking at a packet dump seemed to=0A confirm that with IPv4 ARP is w= orking correctly.

I thought I =0Awas going c= razy for a minute because I remember this exact configuration=0A (or somet= hing nearly identical at least) worked for me on OpenBSD. =0ALinux is anot= her story but as I recall if you don't factor in the =0Aproblems that netf= ilter adds (like trying to use ct_zones as an after =0Athought for coalesc= ing the identity of a VRF from fwmark) I recall this =0Aat least worked as= one would expect.

I don't really see anythi= ng=0A in the git log about FIB for NDP, thing is I can probably create a =0A= static NDP entry and make this work, will have to try later but I'm just=0A= wondering if maybe this just got overlooked. setfib would seem to be =0Ao= lder than NDP but I don't know... looking at ndp.c I'm very unfamiliar =0A= with it but it does look like it's querying routing tables at certain =0Ap= oints. I'll try turning on debugverbose later and see if anything comes=0A= up but I just wanted to mention this just in case this stands out to =0Aa= nybody.


Thanks
<= /div>
-Paige

--Apple-Webmail-86--d5dbd588-9dbb-4437-8f97-903d1784436e-- --Apple-Webmail-42--d5dbd588-9dbb-4437-8f97-903d1784436e--